You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Ori Prog (Jira)" <ji...@apache.org> on 2022/01/31 10:29:00 UTC

[jira] [Created] (CASSANDRA-17326) Security Bug

Ori Prog created CASSANDRA-17326:
------------------------------------

             Summary: Security Bug
                 Key: CASSANDRA-17326
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17326
             Project: Cassandra
          Issue Type: Bug
          Components: Dependencies
            Reporter: Ori Prog


The Cassandra 3.11.11 uses _netty-all-4.0.44.Final.jar_

This library has the following CVEs. {*}Part of these CVEs are critical{*}!
Please upgrade to 4.1.71.Final

CVE-2019-20445
CVE-2019-20444
CVE-2019-16869
CVE-2020-7238
CVE-2021-37136
CVE-2021-37137
CVE-2021-21409
CVE-2021-43797
CVE-2021-21295
CVE-2021-21290



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org